Annual cost of data breaches globally to reach $5trn by 2024

The latest white paper from Juniper Research estimates that the total annual cost of data breaches worldwide will reach $5trn by 2024.

Juniper Research has concluded that the total worldwide yearly cost of data breaches will be a staggering $5trn by 2024.

The estimated figure includes both the direct costs associated with being the victim of a cyberattack, such as replacing hardware, and the indirect costs arising from hiring additional staff, abnormal churn and company devaluations due to reputational damage.

The majority of breaches, the research explained, will target SMEs due to the fact that, typically, they can’t afford sophisticated cybersecurity. “The cost of remedying these leaks will therefore be high, but the number of records per breach will be relatively low,” it said.

North America emerges as the leader in cybercrime costs throughout the forecast, however its overall share decreases slightly as other regions bring in harder penalties for data breaches.

‘Unaddressed vulnerability’

“Social media platforms provide both a rich source of information on individuals that can be harnessed for spearphishing attacks,” the research continued. This accords with previous research released by ProofPoint, which found that employees who are easily discoverable online are more likely to be the target of a spearphishing attack.

“This has been exacerbated by the use of fake accounts to ostensibly engage with large events, distribute fake ad links or bootleg copies of popular mobile apps.”

The researchers call this an “unaddressed vulnerability for businesses”, noting that an organisation’s own social media accounts are often exposed to these attacks and often exist outside of any form of enterprise endpoint security.

“Phishing is a highly successful vector and will continue to evolve and morph with changes in social platforms.”

Rising threat of deepfakes

Deepfakes have become an increasing concern for cybersecurity researchers as they have become an increasingly popular vessel through which to commit cybercrimes, such as in the case of the deepfake-generated LinkedIn accounts, which stoked fears of espionage earlier in 2019.

The team at Juniper Research shares this acute concern about the implication of deepfake technology.

It said: “Deep fakes have the potential to change the game, giving cybercriminals an unprecedented advantage … They can also be used to as a means of social engineering, tricking employees into certain behaviours. Business email compromise, for example, could be augmented with deep fakes to build relationships and trust with targets in a spearphishing exercise.”